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DETAILED ACTION 

Response to Arguments 

1 . Applicant argues, "a request for a resource is not a request for authentication." This 
argument is not persuasive because the result of the request made by the user in Blakley is 
authentication. Therefore, the request of Blakley can be considered an authentication request as 
claimed. 

2. Applicant argues, "Because the authentication assertion is transferred to a relying domain 
by the issuing domain, and therefore not provided to the client in response of the first 
authentication request, Applicant's assert that Blakley also fails to disclose limitation (ii)." This 
argument is not persuasive because the claims do not require the client to receive the assertion. 
Instead, the claims merely require the assertion to be received from the first server, and sent to 
the second server. Therefore, even f/the assertion in Blakley is merely sent from the issuing 
domain to the relying domain direct, the claims limitations would be met. 

3. Applicant agues, "Blakley does not disclose the use of a certificate associated with the 
second server." This argument is not persuasive because the claims do not define the depth of the 
claimed "association". The fact that relying server is included within the authentication scheme 
that utilizes the certification would meet the claimed "association". The claims do not require 
content specific to the claimed second server to be included within the certificate. 

4. Applicant argues, "Blakley does not disclose a trusted partner list." This argument is not 
persuasive because Blakley discloses that the issuing domain checks to see if the credential are 
maintained and passes a validation answer to the relying domain ([0171]-[0172]). Examiner 
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would like to point out that "trusted partner list" is not a term of art, and therefore the limitations 
have been met using a broad but reasonable interpretation of the claims. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

6. Claims 37-49 are rejected under 35 U.S.C. 1 02(e) as being anticipated by Blakley, U.S. 
Publication No. 2004/0128392. Referring to claims 37, 41, 45, 46, Blakley discloses single sign- 
on operations for a user at multiple domains wherein the user sends a request to an issuing 
domain and receives an assertion from the issuing domain (Figure 3C & [0138]), which meets 
the limitation of sending a first authentication request to a first server, receiving, in response to 
the first authentication request, an authentication assertion reference from the first server, the 
client is authenticated by the second server prior to obtaining the authentication assertion 
reference. The assertion is forwarded to a relying domain (Figures 3C & Figure 5 & [0139] & 
[0169]), which meets the limitation of sending, to a second server, a request to access the 
resource operatively connected to the second server, wherein the request comprises the 
authentication assertion reference. The relying domain receives credentials, that can be in 
certificate form, from the user and then forwards the credentials to the issuing domain (Figure 5 
& [0070] & [0170]-[0171]), which meets the limitation of wherein, in response to the request, 
the second server sends the first server a second authentication request comprising a certificate 
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associated with the second server. The issuing domain checks to see if the credential are 
maintained and passes a validation answer to the relying domain ([0171]-[0172]), which meets 
the limitation of wherein the first server, in response to the second authentication request, 
determines whether the certificate is present in a trusted partner list maintained by the first 
server, and wherein the first server, in response to determining whether the certificate is present 
in the trusted partner list, sends an authentication assertion to the second server. Based on the 
received assertion, the relying domain authorizes the requesting user to access ([0173]), which 
meets the limitation of receiving a grant of access to the resource from the second server, 
wherein the second server grants access to the resource based on the authentication assertion. 

Referring to claims 38, 42, 49, Blakley discloses prior to sending the first server the 
second authentication request, the second server identifies the first server using the 
authentication assertion reference (Figure 5 & [0170]). 

Referring to claims 39, 43, 47, Blakley discloses that the first authentication request 
includes login information ([0048]), which meets the limitation of sending a first authentication 
request to the first server comprises providing the first server with user login information. 

Referring to claims 40, 44, 48, Blakley discloses the first authentication request is a 
Security Assertion Markup Language request in a SOAP envelope ([0092]-[0093]). 

Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
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MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BENJAMIN E. LANIER whose telephone number is (571)272- 
3805. The examiner can normally be reached on M-Th 7:00am-5 :30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Benjamin E Lanier/ 
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